Cobbler介绍
Cobbler是一个Linux服务器安装的服务,可以通过网络启动(PXE)的方式来快速安装、重装物理服务器和虚拟机,同时还可以管理DHCP,DNS
Cobbler可以使用命令行方式管理,也提供了基于Web界面管理工具(cobbler-web),同时提供API接口用于二次开发。
Cobbler是较早前的Kickstart的升级版本,向较与Kickstart优点为更容易配置,且自带WEB界面。易于管理。
Cobbler原理
Cobbler是通过将DHCP、TFTP、DNS、HTTP等服务进行集成,创建一个中央管理节点,其可以实现的功能有配置服务,创建存储库,解压缩操作系统媒介,代理或集成一个配置管理系统,控制电源管理等。 Cobbler的最终目的是实现无需进行人工干预即可安装机器。在进行进一步的操作之前,我们有必要先了解下pxe和kickstart 。
Pxe(预执行环境)
PXE是让计算机通过网卡独立地使用数据设备(如硬盘)或者安装操作系统。PXE主要通过广播的方式发送一个包,并请求获取一个地址,而后交给TFTP程序下载一个引导文件。
Kickstart
Kickstart 是红帽开发的一种工具,我们可以简单理解为一个自动安装应答配置管理程序。通过读取这个配置文件,系统知道怎么去分区,要安装什么包,配什么IP,优化什么内核参数等等
原理视图及步骤
Server端
- 启动Cobbler及相关服务
- cobbler check检查错误
- 进行配置然后同步 cobbler sync
- DHCP配置
- TFTP传输启动文件
- Server端发送ISO镜像与Kickstart给客户端
Client端
- 以PXE启动
- 根据DHCP自动获取IP地址
- 加载Kickstart文件
- 进行系统安装
Cobbler部署
- 安装cobbler环境
[root@localhost ~]# yum install -y httpd dhcp tftp python-ctypes cobbler xinetd cobbler-web pykickstart epel-release
......
- 开启并自启服务
[root@localhost ~]# systemctl enable --now cobblerd
Created symlink from /etc/systemd/system/multi-user.target.wants/cobblerd.service to /usr/lib/systemd/system/cobblerd.service.
[root@localhost ~]# systemctl enable --now httpd
Created symlink from /etc/systemd/system/multi-user.target.wants/httpd.service to /usr/lib/systemd/system/httpd.service.
- 修改server IP
[root@localhost ~]# vim /etc/cobbler/settings
......
# (dual homed, etc), you need to read the --server-override section
# of the manpage for how that works.
server: 192.168.197.144 ## 修改为本地IP
......
# of the cobbler server here so that PXE booting guests can find it
# if you do not set this correctly, this will be manifested in TFTP open timeouts.
next_server: 192.168.197.144 ## tftp服务的ip地址也填写为本地IP
- 开启tftp服务
[root@localhost ~]# vim /etc/xinetd.d/tftp
......
service tftp
{
socket_type = dgram
protocol = udp
wait = yes
user = root
server = /usr/sbin/in.tftpd
server_args = -s /var/lib/tftpboot
disable = no ## 将状态修改为NO ,表示开启此服务
per_source = 11
cps = 100 2
flags = IPv4
- 下载cobbler相关缺失文件
[root@localhost ~]# cobbler get-loaders
......
path /var/lib/cobbler/loaders/grub-x86_64.efi already exists, not overwriting existing content, use --force if you wish to update
*** TASK COMPLETE ***
- 开启rsync共享服务
[root@localhost ~]# systemctl enable --now rsyncd
Created symlink from /etc/systemd/system/multi-user.target.wants/rsyncd.service to /usr/lib/systemd/system/rsyncd.service.
- 修改默认密码(默认密码为cobbler)
[root@localhost ~]# openssl passwd -1 -salt "$RANDOM" '123456' # 先加密
$1$2512$pppPAr0KZoqb.iwWcOVFu0
## 写入配置文件
[root@localhost ~]# vim /etc/cobbler/settings
......
## 重启服务
[root@localhost ~]# systemctl restart cobblerd
- cobbler check 检查是否还有错误
[root@localhost ~]# cobbler check
The following are potential configuration items that you may want to fix:
1 : debmirror package is not installed, it will be required to manage debian deployments and repositories
2 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them
Restart cobblerd and then run 'cobbler sync' to apply changes.
注意:
1的错误为需要Debian的必备包,如果安装的客户机的系统没有Debian,则不需要处理。
2的错误是电源管理的工具没有安装,如果需要电源管理则需要,如没有则忽略。
- 配置DHCP服务
[root@localhost ~]# vim /etc/cobbler/settings
......
# the choice of DHCP management engine is in /etc/cobbler/modules.conf
manage_dhcp: 1 # 将值改成1,即启动dhcp服务
[root@localhost ~]# vim /etc/cobbler/dhcp.template
......
subnet 192.168.197.0 netmask 255.255.255.0 {
option routers 192.168.197.144; # 客户机设置路由ip
option domain-name-servers 192.168.197.144; # 客户机DNS地址
option subnet-mask 255.255.255.0;
range dynamic-bootp 192.168.197.10 192.168.197.20; # dhcp分配池
default-lease-time 21600;
max-lease-time 43200;
next-server $next_server;
......
- 重启服务并重置配置
[root@localhost modules]# systemctl restart cobblerd
[root@localhost modules]# cobbler sync
task started: 2020-11-23_172811_sync
task started (id=Sync, time=Mon Nov 23 17:28:11 2020)
running pre-sync triggers
cleaning trees
removing: /var/lib/tftpboot/pxelinux.cfg/default
removing: /var/lib/tftpboot/grub/images
removing: /var/lib/tftpboot/grub/grub-x86.efi
removing: /var/lib/tftpboot/grub/grub-x86_64.efi
removing: /var/lib/tftpboot/grub/efidefault
removing: /var/lib/tftpboot/s390x/profile_list
copying bootloaders
trying hardlink /var/lib/cobbler/loaders/grub-x86.efi -> /var/lib/tftpboot/grub/grub-x86.efi
trying hardlink /var/lib/cobbler/loaders/grub-x86_64.efi -> /var/lib/tftpboot/grub/grub-x86_64.efi
copying distros to tftpboot
copying images
generating PXE configuration files
generating PXE menu structure
rendering DHCP files
generating /etc/dhcp/dhcpd.conf
rendering TFTPD files
generating /etc/xinetd.d/tftp
cleaning link caches
running post-sync triggers
running python triggers from /var/lib/cobbler/triggers/sync/post/*
running python trigger cobbler.modules.sync_post_restart_services
running: dhcpd -t -q
received on stdout:
received on stderr:
running: /usr/bin/systemctl restart dhcpd
received on stdout:
received on stderr:
running shell triggers from /var/lib/cobbler/triggers/sync/post/*
running python triggers from /var/lib/cobbler/triggers/change/*
running python trigger cobbler.modules.manage_genders
running python trigger cobbler.modules.scm_track
running shell triggers from /var/lib/cobbler/triggers/change/*
*** TASK COMPLETE ***
- 导入ISO系统镜像文件
## 挂载CDROM
[root@localhost /]# mount /dev/cdrom /mnt
mount: /dev/sr0 is write-protected, mounting read-only
## 导入
[root@localhost /]# cobbler import --path=/mnt --name=centos-7 --arch=x86_64
......
associating repos
checking for rsync repo(s)
checking for rhn repo(s)
checking for yum repo(s)
starting descent into /var/www/cobbler/ks_mirror/centos-7-x86_64 for centos-7-x86_64
processing repo at : /var/www/cobbler/ks_mirror/centos-7-x86_64
need to process repo/comps: /var/www/cobbler/ks_mirror/centos-7-x86_64
looking for /var/www/cobbler/ks_mirror/centos-7-x86_64/repodata/*comps*.xml
Keeping repodata as-is :/var/www/cobbler/ks_mirror/centos-7-x86_64/repodata
*** TASK COMPLETE ***
## 查看镜像信息
[root@localhost /]# cobbler list
distros:
centos-7-x86_64
profiles:
centos-7-x86_64
systems:
repos:
images:
mgmtclasses:
packages:
files:
- 新建kickstart脚本文件
[root@localhost cobbler]# cat > /var/lib/cobbler/kickstarts/centos-7-x86_64.ks << 'EOF'
> auth --enableshadow --passalgo=sha512
> bootloader --location=mbr
> clearpart --all --initlabel
> part /boot --asprimary --fstype="ext4" --size=500
> part swap --fstype="swap" --size=4096
> part / --fstype="ext4" --grow --size=15000
> text
> firewall --disabled
> firstboot --disable
> keyboard us
> lang en_US
> url --url=http://172.16.12.128/cobbler/ks_mirror/rhel-7-x86_64
> $yum_repo_stanza
> reboot
>
> rootpw --iscrypted $6$2WTFvfNvAMgCUPuC$MJgWGzhakgxrRObcEbAwSe8vkz0s//xyiTllGwxRsHHruQhcskO69u2LVTU9u0eemHXH2pzcGawyAJ54R2E/x0
>
> selinux --disabled
> skipx
> timezone Asia/Shanghai --isUtc --nontp
> install
> zerombr
>
> %packages
> @^minimal
> @core
> kexec-tools
>
> %end
>
> %addon com_redhat_kdump --enable --reserve-mb='auto'
>
> %end
>
> %anaconda
> pwpolicy root --minlen=6 --minquality=1 --notstrict --nochanges --notempty
> pwpolicy user --minlen=6 --minquality=1 --notstrict --nochanges --emptyok
> pwpolicy luks --minlen=6 --minquality=1 --notstrict --nochanges --notempty
> %end
> EOF
## 修改此文件
[root@localhost kickstarts]# vim centos-7-x86_64.ks
......
url --url=http://192.168.197.144/cobbler/ks_mirror/centos-7-x86_64 # 修改镜像位置
rootpw --iscrypted $6$8denxfTBAs8386/0$G/DnJl3Ccl6qr.kwyIZVPsWPG3v9AMqeIzaxm1/oF9jBiHoKofJFo29tKepzewfdqVFoTOaI4Lqnu8JkJCW2F0 # 设置ROOT密码,可以选择ROOT家目录的anoconda.conf文件中的密码。
- 检验语法
[root@localhost ~]# cobbler validateks
task started: 2020-11-23_175351_validateks
task started (id=Kickstart Validation, time=Mon Nov 23 17:53:51 2020)
----------------------------
osversion: rhel7
checking url: http://192.168.197.144/cblr/svc/op/ks/profile/centos-7-x86_64
running: /usr/bin/ksvalidator -v "rhel7" "http://192.168.197.144/cblr/svc/op/ks/profile/centos-7-x86_64"
received on stdout:
received on stderr:
*** all kickstarts seem to be ok ***
*** TASK COMPLETE ***
- 修改配置文件
# 将centos.ks文件设置为默认的安装文件
[root@localhost ~]# cobbler profile edit --name centos-7-x86_64 --kickstart=/var/lib/cobbler/kickstarts/centos-7-x86_64.ks
# 配置网卡名称为传统网卡名称eth0
[root@localhost ~]# cobbler profile edit --name centos-7-x86_64 --kopts='net.ifnames=0 biosdevname=0'
- 查看配置信息
[root@localhost ~]# cobbler profile report
Name : centos-7-x86_64
TFTP Boot Files : {}
Comment :
DHCP Tag : default
Distribution : centos-7-x86_64
Enable gPXE? : 0
Enable PXE Menu? : 1
Fetchable Files : {}
Kernel Options : {'biosdevname': '0', 'net.ifnames': '0'}
Kernel Options (Post Install) : {}
Kickstart : /var/lib/cobbler/kickstarts/centos-7-x86_64.ks
Kickstart Metadata : {}
Management Classes : []
Management Parameters : <<inherit>>
Name Servers : []
Name Servers Search Path : []
Owners : ['admin']
Parent Profile :
Internal proxy :
Red Hat Management Key : <<inherit>>
Red Hat Management Server : <<inherit>>
Repos : []
Server Override : <<inherit>>
Template Files : {}
Virt Auto Boot : 1
Virt Bridge : xenbr0
Virt CPUs : 1
Virt Disk Driver Type : raw
Virt File Size(GB) : 5
Virt Path :
Virt RAM (MB) : 512
Virt Type : kvm
- 同步配置文件并重启服务
[root@localhost ~]# cobbler sync
......
*** TASK COMPLETE ***
## 重启所有服务
[root@localhost ~]# systemctl restart xinetd
[root@localhost ~]# systemctl restart cobblerd
[root@localhost ~]# systemctl restart httpd
[root@localhost ~]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:22 *:*
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 5 127.0.0.1:25151 *:*
LISTEN 0 5 *:873 *:*
LISTEN 0 128 [::]:22 [::]:*
LISTEN 0 100 [::1]:25 [::]:*
LISTEN 0 128 [::]:443 [::]:*
LISTEN 0 5 [::]:873 [::]:*
LISTEN 0 128 [::]:80 [::]:*
- 客户端装机
.jpg)
选择对应的cobbler名字
- 装机完毕,查看IP
.jpg)
定制化装机
- 登录cobbler_web(https:SERVER IP/cobbler_web)
.jpg)
- 创建新的定制机配置
.jpg)
- 网络配置
.jpg)
.jpg)
.jpg)
- 编写脚本实现批量装机
[root@localhost scripts]# vim cobbler_centos_install.sh
#!/bin/bash
ip_server=`ip a |grep global|awk -F " +|/" '{print $3}'`
# 逐行读取客户机清单,获得相应参数,清单路径:/script/client_info
while read line
do
client_hostname=`echo $line | awk '{print $1}'`
client_MAC=`echo $line | awk '{print $2}'`
client_IPADDR=`echo $line | awk '{print $3}'`
cat > /var/lib/cobbler/config/systems.d/${client_hostname}.json << EOF
{
"comment": "",
"status": "production",
"kickstart": "/var/lib/cobbler/kickstarts/centos-7-x86_64.ks",
"name_servers_search": [ ],
"ks_meta": { },
"kernel_options_post": { },
"image": "",
"redhat_management_key": "<<inherit>>",
"virt_path": "<<inherit>>",
"power_user": "",
"kernel_options": {
"biosdevname": "0",
"net.ifnames": "0"
},
"ctime": 1606183288.613767,
"name_servers": [
"$ip_server"
],
"mtime": 1606183288.613767,
"enable_gpxe": false,
"template_files": { },
"gateway": "$ip_server",
"uid": "MTYwNjE4MzI4OC42MTI4MjI4NzAuMTcyNzY",
"virt_auto_boot": 0,
"power_type": "ipmitool",
"virt_cpus": "<<inherit>>",
"mgmt_parameters": "<<inherit>>",
"boot_files": { },
"hostname": "$client_hostname",
"repos_enabled": false,
"mgmt_classes": [ ],
"power_pass": "",
"netboot_enabled": true,
"ipv6_autoconfiguration": false,
"profile": "centos-7-x86_64",
"virt_type": "xenpv",
"interfaces": {
"eth0": {
"ipv6_address": "",
"interface_type": "",
"static": true,
"cnames": [ ],
"mtu": "",
"management": false,
"interface_master": "",
"mac_address": "$client_MAC",
"ipv6_prefix": "",
"virt_bridge": "xenbr0",
"netmask": "255.255.255.0",
"bonding_opts": "",
"ip_address": "$client_IPADDR",
"dhcp_tag": "",
"static_routes": [ ],
"ipv6_mtu": "",
"ipv6_static_routes": [ ],
"if_gateway": "",
"dns_name": "",
"bridge_opts": "",
"connected_mode": false,
"ipv6_secondaries": [ ],
"ipv6_default_gateway": ""
}
},
"power_address": "",
"proxy": "<<inherit>>",
"fetchable_files": { },
"virt_file_size": "<<inherit>>",
"ldap_enabled": false,
"monit_enabled": false,
"ipv6_default_device": "",
"virt_pxe_boot": 0,
"virt_disk_driver": "<<inherit>>",
"owners": "<<inherit>>",
"name": "$client_hostname",
"virt_ram": "<<inherit>>",
"power_id": "",
"server": "<<inherit>>",
"redhat_management_server": "<<inherit>>",
"depth": 2,
"ldap_type": "authconfig",
"template_remote_kickstarts": 0
}
EOF
echo "-------------成功生成${client_hostname}.json------------"
echo "-------------客户机MAC地址:$client_MAC-------------"
echo "-------------客户机IP地址为:$client_IPADDR------------"
done < client_info
## 重启服务及同步配置文件
systemctl restart cobblerd httpd
/usr/bin/cobbler sync &> /dev/null
- 执行脚本并传递参数
[root@localhost scripts]# bash cobbler_centos_install.sh test2 00:50:56:30:76:91 192.168.197.12
-------------成功生成test2.json------------
-------------客户机MAC地址:00:50:56:30:76:91-------------
-------------客户机IP地址为:192.168.197.12------------
-
查看WEB
.jpg)
-
装机完成后查看客户机IP及主机名
